CGI/Perl Guide | Learning Center | Forums | Advertise | Login
Site Search: in

  Main Index MAIN
INDEX
Search Posts SEARCH
POSTS
Who's Online WHO'S
ONLINE
Log in LOG
IN

Home: Perl Programming Help: Beginner:
Hidding URL from browser

 



seriousfun
Novice

May 28, 2000, 2:46 AM

Post #1 of 6 (653 views)
Hidding URL from browser Can't Post

I have a script with links that carry the password to save re entering for each sub routine access

eg:
print"<A HREF=\"script.cgi?Admin=$password\">Return to the Administration screen.";

how do I prevent this from appearing in the users browser?

Thanks for your help


perlkid
stranger

May 29, 2000, 2:58 AM

Post #2 of 6 (653 views)
Re: Hidding URL from browser [In reply to] Can't Post

 The safest way is to encrypt the password and use a form with a hidden value. And so that you don't lose your nice apearence of a link, you can make a gif and use that as the button for the form.

<form method=GET action="/script.cgi" target="_self">
<input type=hidden name="Admin" value="$password">
<input type="image" src="button.gif" width="100" height="22">
</form>

Even though you can't see it in the url, You probably can still open the source of the page and see it that way. That's why it should be encrypted, unless it allready is.

Also you might have to change to way the script reads the pass word. Intead of it being in the url it's in the form, so you have to read the standard input.

<BLOCKQUOTE><font size="1" face="Arial,Helvetica,sans serif">code:</font><HR>



##############################################################
read (STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
@cgiPairs = split(/&/,$buffer);
foreach $cgiPair (@cgiPairs)
{
($name,$value) = split(/=/,$cgiPair);
$value =~ s/\+/ /g;
$value =~ s/%(..)/pack("c",hex($1))/ge;
$form{$name} .= "\0" if (defined($form{$name}));
$form{$name} .= "$value";
}

##############################################################

</pre><HR></BLOCKQUOTE>

Then change the part where it reads the password from $what-ever{'Admin'} to $form{'Admin'}.

Usually that's the case.

perlkid


[This message has been edited by perlkid (edited 05-29-2000).]


Jonas
Deleted

May 29, 2000, 3:30 AM

Post #3 of 6 (653 views)
Re: Hidding URL from browser [In reply to] Can't Post

Wouldn't it be better to use the post-methode?? It would prevent the password to be shown in the URL or is this a false conclusion?

bye

Jonas


perlkid
stranger

May 29, 2000, 11:15 AM

Post #4 of 6 (653 views)
Re: Hidding URL from browser [In reply to] Can't Post

   
Ohh yea, Forgot that. Thanks for noticing Jonas.

<form method=GET action="/script.cgi" target="_self" method="POST">
<input type=hidden name="Admin" value="$password">
<input type="image" src="button.gif" width="100" height="22">
</form>

This is ok now, right Jonas?

perlkid


seriousfun
Novice

May 29, 2000, 12:21 PM

Post #5 of 6 (653 views)
Re: Hidding URL from browser [In reply to] Can't Post

Thanks guys.
I'll use the post method and a gif


SirAnvil
Deleted

Feb 17, 2001, 11:20 AM

Post #6 of 6 (652 views)
Re: Hidding URL from browser [In reply to] Can't Post

Just thought you might want to know you've got two method='s in your form tag. I'm not sure wich one would take. :)

SirAnvil
www.christiangamers.org

 
 


Search for (options) Powered by Gossamer Forum v.1.2.0

Web Applications & Managed Hosting Powered by Gossamer Threads
Visit our Mailing List Archives